Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Feature request: config.xml generator

    Scheduled Pinned Locked Moved
    Forum Feedback
    2
    4
    3.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Slam
      last edited by

      Maybe not a well thought out request or perhaps needs a lot of work but I think it would be useful to have a config.xml generator that could be very handy for users.

      Something that can be downloaded and unpacked to a php enabled web server, it would emulate the firewalls GUI and any interfaces, vpns, users, rules etc could be created, edited, deleted and would be r/w to a config.xml locally and can be download to the client pc via the usual backup/restore menu, ready to dump on a usb for auto config installs.

      I know it would probably need a lot of php and javascript magic and of course include all possible devices in drop down boxes, for example for interfaces have em0-15, rl0-15, bge0-15.

      This can save having to manually edit config files and risking uploading a bad config file to a firewall.

      Maybe a bad idea, what do you think?

      1 Reply Last reply Reply Quote 0
      • M
        Metu69salemi
        last edited by

        Install VM-hypervisor to your computer/laptop and you almost get what you wanted.
        If you restore your configs there is almost 100% possibililty that you'll need to assign interfaces again anyway.

        Only part that VM is not very well suitable is interface section.

        But overall it doesn't sound very bad idea, at least to me it doesn't sound.

        P.S. Hopefully i'm not stealing this topic

        I'm wishing to have ease-to-use squid rule creator, like some commercial products have.

        1 Reply Last reply Reply Quote 0
        • S
          Slam
          last edited by

          Yeah I am running ESXi already and this is what I am doing too, I only ever use em(4) devices, but for testing/deployment I have to manually edit the config.xml to adapt for other NIC devices, and thats what I am trying to avoid, especially with user input error as sometimes can happen.

          Interesting you mention squid rule creator, where have you seen this? I finally got multi-wan+squid+auto outbound NAT working (after switching the damned sticky conns off lol..with it on, only WAN was passing traffic) and looking to fine tune my squid rules or re-create them entirely.

          Thanks for the feedback, very much appreciated.

          Maybe time to dust off my old uni java books and have a look at the config.xml structure.

          1 Reply Last reply Reply Quote 0
          • M
            Metu69salemi
            last edited by

            @Abdsalem:

            Interesting you mention squid rule creator, where have you seen this? I finally got multi-wan+squid+auto outbound NAT working (after switching the damned sticky conns off lol..with it on, only WAN was passing traffic) and looking to fine tune my squid rules or re-create them entirely.

            I mean samekind of setup as watchguard (and similars) have, you just click porn and apply that, then you almost certain can't see any porn.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post